The American Land Title Association (ALTA) on July 3 informed its members, comprised of title insurance agents, abstracters and underwriters, their usernames and passwords may have been acquired by an unauthorized person.
The 102-year-old ALTA, which claims 6,000 active members, posted a security alert stating it was contacted by a person claiming to be an ethical hacker who had come across and disclosed to ALTA 600 records consisting of domain identification, IP addresses, usernames and passwords. ALTA told SC Media some records of its members were among the 600, but the majority were not members. Nearly 200 of the records were for john.stamos AT gmail DOT com. Another 11 records included email addresses with nonsense (e.g., gggg AT ggggg DOT com) or profanity.
“There is no indication the data comes from a specific system breach. There are no signs that the credentials are still active or how they were obtained. We believe this person is also contacting individuals and companies they can identify from the data,” ALTA said in the alert.
In May 2019 ALTA warned its members to discard a phishing email with the subject line “Changes & Updates to Member Directory” that appeared to come from the organizations. The scam email asked members to open a PDF listing the membership directory and double check that the member’s ALTA ID, state chapter and active contact number was correct.
SC Media has an inquiry in with ALTA asking exactly how the phishing campaign was used to generate the information found online.